<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="UTF-8">
	<meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
	<title>Get API key information API | ElasticSearch 7.7 权威指南中文版</title>
	<meta name="keywords" content="ElasticSearch 权威指南中文版, elasticsearch 7, es7, 实时数据分析，实时数据检索" />
    <meta name="description" content="ElasticSearch 权威指南中文版, elasticsearch 7, es7, 实时数据分析，实时数据检索" />
    <!-- Give IE8 a fighting chance -->
    <!--[if lt IE 9]>
    <script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
    <script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
    <![endif]-->
	<link rel="stylesheet" type="text/css" href="../static/styles.css" />
	<script>
	var _link = 'security-api-get-api-key.html';
    </script>
</head>
<body>
<div class="main-container">
    <section id="content">
        <div class="content-wrapper">
            <section id="guide" lang="zh_cn">
                <div class="container">
                    <div class="row">
                        <div class="col-xs-12 col-sm-8 col-md-8 guide-section">
                            <div style="color:gray; word-break: break-all; font-size:12px;">原英文版地址: <a href="https://www.elastic.co/guide/en/elasticsearch/reference/7.7/security-api-get-api-key.html" rel="nofollow" target="_blank">https://www.elastic.co/guide/en/elasticsearch/reference/7.7/security-api-get-api-key.html</a>, 原文档版权归 www.elastic.co 所有<br/>本地英文版地址: <a href="../en/security-api-get-api-key.html" rel="nofollow" target="_blank">../en/security-api-get-api-key.html</a></div>
                        <!-- start body -->
                  <div class="page_header">
<strong>重要</strong>: 此版本不会发布额外的bug修复或文档更新。最新信息请参考 <a href="https://www.elastic.co/guide/en/elasticsearch/reference/current/index.html" rel="nofollow">当前版本文档</a>。
</div>
<div id="content">
<div class="breadcrumbs">
<span class="breadcrumb-link"><a href="index.html">Elasticsearch Guide [7.7]</a></span>
»
<span class="breadcrumb-link"><a href="rest-apis.html">REST APIs</a></span>
»
<span class="breadcrumb-link"><a href="security-api.html">Security APIs</a></span>
»
<span class="breadcrumb-node">Get API key information API</span>
</div>
<div class="navheader">
<span class="prev">
<a href="security-api-enable-user.html">« Enable users API</a>
</span>
<span class="next">
<a href="security-api-get-privileges.html">Get application privileges API »</a>
</span>
</div>
<div class="section xpack">
<div class="titlepage"><div><div>
<h2 class="title">
<a id="security-api-get-api-key"></a>Get API key information API<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/get-api-keys.asciidoc">edit</a><a class="xpack_tag" href="https://www.elastic.co/subscriptions"></a>
</h2>
</div></div></div>

<p>Retrieves information for one or more API keys.</p>
<div class="section">
<div class="titlepage"><div><div>
<h3 class="title">
<a id="security-api-get-api-key-request"></a>Request<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/get-api-keys.asciidoc">edit</a>
</h3>
</div></div></div>
<p><code class="literal">GET /_security/api_key</code></p>
</div>

<div class="section">
<div class="titlepage"><div><div>
<h3 class="title">
<a id="security-api-get-api-key-prereqs"></a>Prerequisites<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/get-api-keys.asciidoc">edit</a>
</h3>
</div></div></div>
<div class="ulist itemizedlist">
<ul class="itemizedlist">
<li class="listitem">
To use this API, you must have at least the <code class="literal">manage_api_key</code> cluster privilege.
</li>
</ul>
</div>
</div>

<div class="section">
<div class="titlepage"><div><div>
<h3 class="title">
<a id="security-api-get-api-key-desc"></a>Description<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/get-api-keys.asciidoc">edit</a>
</h3>
</div></div></div>
<p>The information for the API keys created by
<a class="xref" href="security-api-create-api-key.html" title="Create API key API">create API Key</a> can be retrieved using this API.</p>
</div>

<div class="section">
<div class="titlepage"><div><div>
<h3 class="title">
<a id="security-api-get-api-key-path-params"></a>Path parameters<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/get-api-keys.asciidoc">edit</a>
</h3>
</div></div></div>
<p>The following parameters can be specified in the query parameters of a GET request and
pertain to retrieving api keys:</p>
<div class="variablelist">
<dl class="variablelist">
<dt>
<span class="term">
<code class="literal">id</code>
</span>
</dt>
<dd>
(Optional, string) An API key id. This parameter cannot be used with any of
<code class="literal">name</code>, <code class="literal">realm_name</code> or <code class="literal">username</code> are used.
</dd>
<dt>
<span class="term">
<code class="literal">name</code>
</span>
</dt>
<dd>
(Optional, string) An API key name. This parameter cannot be used with any of
<code class="literal">id</code>, <code class="literal">realm_name</code> or <code class="literal">username</code> are used.
</dd>
<dt>
<span class="term">
<code class="literal">realm_name</code>
</span>
</dt>
<dd>
(Optional, string) The name of an authentication realm. This parameter cannot be
used with either <code class="literal">id</code> or <code class="literal">name</code> or when <code class="literal">owner</code> flag is set to <code class="literal">true</code>.
</dd>
<dt>
<span class="term">
<code class="literal">username</code>
</span>
</dt>
<dd>
(Optional, string) The username of a user. This parameter cannot be used with
either <code class="literal">id</code> or <code class="literal">name</code> or when <code class="literal">owner</code> flag is set to <code class="literal">true</code>.
</dd>
<dt>
<span class="term">
<code class="literal">owner</code>
</span>
</dt>
<dd>
(Optional, boolean) A boolean flag that can be used to query API keys owned
by the currently authenticated user. Defaults to false.
The <em>realm_name</em> or <em>username</em> parameters cannot be specified when this
parameter is set to <em>true</em> as they are assumed to be the currently authenticated ones.
</dd>
</dl>
</div>
<div class="note admon">
<div class="icon"></div>
<div class="admon_content">
<p>When none of the parameters "id", "name", "username" and "realm_name"
are specified, and the "owner" is set to false then it will retrieve all API
keys if the user is authorized. If the user is not authorized to retrieve other user’s
API keys, then an error will be returned.</p>
</div>
</div>
</div>

<div class="section">
<div class="titlepage"><div><div>
<h3 class="title">
<a id="security-api-get-api-key-example"></a>Examples<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/get-api-keys.asciidoc">edit</a>
</h3>
</div></div></div>
<p>If you create an API key as follows:</p>
<div class="pre_wrapper lang-console">
<pre class="programlisting prettyprint lang-console">POST /_security/api_key
{
  "name": "my-api-key",
  "role_descriptors": {}
}</pre>
</div>
<div class="console_widget" data-snippet="snippets/2086.console"></div>
<p>A successful call returns a JSON structure that provides
API key information. For example:</p>
<div class="pre_wrapper lang-console-result">
<pre class="programlisting prettyprint lang-console-result">{
  "id":"VuaCfGcBCdbkQm-e5aOx",
  "name":"my-api-key",
  "api_key":"ui2lp2axTNmsyakw9tvNnw"
}</pre>
</div>
<p>You can use the following example to retrieve the API key by ID:</p>
<div class="pre_wrapper lang-console">
<pre class="programlisting prettyprint lang-console">GET /_security/api_key?id=VuaCfGcBCdbkQm-e5aOx</pre>
</div>
<div class="console_widget" data-snippet="snippets/2087.console"></div>
<p>You can use the following example to retrieve the API key by name:</p>
<div class="pre_wrapper lang-console">
<pre class="programlisting prettyprint lang-console">GET /_security/api_key?name=my-api-key</pre>
</div>
<div class="console_widget" data-snippet="snippets/2088.console"></div>
<p>The following example retrieves all API keys for the <code class="literal">native1</code> realm:</p>
<div class="pre_wrapper lang-console">
<pre class="programlisting prettyprint lang-console">GET /_security/api_key?realm_name=native1</pre>
</div>
<div class="console_widget" data-snippet="snippets/2089.console"></div>
<p>The following example retrieves all API keys for the user <code class="literal">myuser</code> in all realms:</p>
<div class="pre_wrapper lang-console">
<pre class="programlisting prettyprint lang-console">GET /_security/api_key?username=myuser</pre>
</div>
<div class="console_widget" data-snippet="snippets/2090.console"></div>
<p>The following example retrieves all API keys owned by the currently authenticated user:</p>
<div class="pre_wrapper lang-console">
<pre class="programlisting prettyprint lang-console">GET /_security/api_key?owner=true</pre>
</div>
<div class="console_widget" data-snippet="snippets/2091.console"></div>
<p>The following example retrieves all API keys if the user is authorized to do so:</p>
<div class="pre_wrapper lang-console">
<pre class="programlisting prettyprint lang-console">GET /_security/api_key</pre>
</div>
<div class="console_widget" data-snippet="snippets/2092.console"></div>
<p>Following creates an API key</p>
<div class="pre_wrapper lang-console">
<pre class="programlisting prettyprint lang-console">POST /_security/api_key
{
  "name": "my-api-key-1"
}</pre>
</div>
<div class="console_widget" data-snippet="snippets/2093.console"></div>
<p>The following example retrieves the API key identified by the specified <code class="literal">id</code> if
it is owned by the currently authenticated user:</p>
<div class="pre_wrapper lang-console">
<pre class="programlisting prettyprint lang-console">GET /_security/api_key?id=VuaCfGcBCdbkQm-e5aOx&amp;owner=true</pre>
</div>
<div class="console_widget" data-snippet="snippets/2094.console"></div>
<p>Finally, the following example retrieves all API keys for the user <code class="literal">myuser</code> in
 the <code class="literal">native1</code> realm immediately:</p>
<div class="pre_wrapper lang-console">
<pre class="programlisting prettyprint lang-console">GET /_security/api_key?username=myuser&amp;realm_name=native1</pre>
</div>
<div class="console_widget" data-snippet="snippets/2095.console"></div>
<p>A successful call returns a JSON structure that contains the information of one or more API keys that were retrieved.</p>
<div class="pre_wrapper lang-js">
<pre class="programlisting prettyprint lang-js">{
  "api_keys": [ <a id="CO659-1"></a><i class="conum" data-value="1"></i>
    {
      "id": "dGhpcyBpcyBub3QgYSByZWFsIHRva2VuIGJ1dCBpdCBpcyBvbmx5IHRlc3QgZGF0YS4gZG8gbm90IHRyeSB0byByZWFkIHRva2VuIQ==", <a id="CO659-2"></a><i class="conum" data-value="2"></i>
      "name": "hadoop_myuser_key", <a id="CO659-3"></a><i class="conum" data-value="3"></i>
      "creation": 1548550550158, <a id="CO659-4"></a><i class="conum" data-value="4"></i>
      "expiration": 1548551550158, <a id="CO659-5"></a><i class="conum" data-value="5"></i>
      "invalidated": false, <a id="CO659-6"></a><i class="conum" data-value="6"></i>
      "username": "myuser", <a id="CO659-7"></a><i class="conum" data-value="7"></i>
      "realm": "native1" <a id="CO659-8"></a><i class="conum" data-value="8"></i>
    },
    {
      "id": "api-key-id-2",
      "name": "api-key-name-2",
      "creation": 1548550550158,
      "invalidated": false,
      "username": "user-y",
      "realm": "realm-2"
    }
  ]
}</pre>
</div>
<div class="calloutlist">
<table border="0" summary="Callout list">
<tr>
<td align="left" valign="top" width="5%">
<p><a href="#CO659-1"><i class="conum" data-value="1"></i></a></p>
</td>
<td align="left" valign="top">
<p>The list of API keys that were retrieved for this request.</p>
</td>
</tr>
<tr>
<td align="left" valign="top" width="5%">
<p><a href="#CO659-2"><i class="conum" data-value="2"></i></a></p>
</td>
<td align="left" valign="top">
<p>Id for the API key</p>
</td>
</tr>
<tr>
<td align="left" valign="top" width="5%">
<p><a href="#CO659-3"><i class="conum" data-value="3"></i></a></p>
</td>
<td align="left" valign="top">
<p>Name of the API key</p>
</td>
</tr>
<tr>
<td align="left" valign="top" width="5%">
<p><a href="#CO659-4"><i class="conum" data-value="4"></i></a></p>
</td>
<td align="left" valign="top">
<p>Creation time for the API key in milliseconds</p>
</td>
</tr>
<tr>
<td align="left" valign="top" width="5%">
<p><a href="#CO659-5"><i class="conum" data-value="5"></i></a></p>
</td>
<td align="left" valign="top">
<p>Optional expiration time for the API key in milliseconds</p>
</td>
</tr>
<tr>
<td align="left" valign="top" width="5%">
<p><a href="#CO659-6"><i class="conum" data-value="6"></i></a></p>
</td>
<td align="left" valign="top">
<p>Invalidation status for the API key. If the key has been invalidated, it has
a value of <code class="literal">true</code>. Otherwise, it is <code class="literal">false</code>.</p>
</td>
</tr>
<tr>
<td align="left" valign="top" width="5%">
<p><a href="#CO659-7"><i class="conum" data-value="7"></i></a></p>
</td>
<td align="left" valign="top">
<p>Principal for which this API key was created</p>
</td>
</tr>
<tr>
<td align="left" valign="top" width="5%">
<p><a href="#CO659-8"><i class="conum" data-value="8"></i></a></p>
</td>
<td align="left" valign="top">
<p>Realm name of the principal for which this API key was created</p>
</td>
</tr>
</table>
</div>
</div>

</div>
<div class="navfooter">
<span class="prev">
<a href="security-api-enable-user.html">« Enable users API</a>
</span>
<span class="next">
<a href="security-api-get-privileges.html">Get application privileges API »</a>
</span>
</div>
</div>

                  <!-- end body -->
                        </div>
                        <div class="col-xs-12 col-sm-4 col-md-4" id="right_col">
                        
                        </div>
                    </div>
                </div>
            </section>
        </div>
    </section>
</div>
<script src="../static/cn.js"></script>
</body>
</html>